Geoff,
Thats exactly the method that was mentioned earlier...The solution
they have proposed is designed to work in conjunction with the Microsoft
patch to block the Code Red HTTP GET requests at a network ingress point. It
looks for keywords and blocks if it finds a match. Here is an exa
There is no method sufficiently granular to stop Code
Red or CodeRed II using ACLs without blocking all
related non-attack traffic... what you really need is
a stateful firewall that can block http GET requests
that contain "default.ida".
Geoff Zinderdine
CCNP MCP CCA
MTS Communications
--- will
Let me explain...
1) the methodoly used is a subset of NBAR called "class based marking
feature", which is available in ver 12.1(5)T or higher...
2) you must enable cef before you configure NBAR
go to the following link for more info
http://www.cisco.com/univercd/cc/td/doc/product/software/ios12
How would you block code red with CEF and NBAR?
On Sun, 5 Aug 2001 19:28:10 -0400, Santosh Koshy wrote:
> Depends on your edge router you need a router that supports CEF &
> NBAR (3600, 7000, e.t.c.) with IOS 12.1(5) T or higher
>
> Thanks,
> Santosh
>
> ""Russ Kreigh"" wrote
Depends on your edge router you need a router that supports CEF &
NBAR (3600, 7000, e.t.c.) with IOS 12.1(5) T or higher
Thanks,
Santosh
""Russ Kreigh"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=149
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14967&t=14967
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
6 matches
Mail list logo